Monday, March 19, 2018

When forced entry becomes digital

One of the worst crimes against property that we can suffer is the housebreaking, the economic damage it causes is added to that strange feeling of knowing that a stranger has been fiddling among our personal effects, breaking the inviolability of our domestic sanctuary.

If you have suffered a similar situation or you can put yourself in the victim's shoes, get ready ... because in the digital world these type of actions are becoming more frequent, for example, before the ransomware only intended to block your information, now It leaves a window open to this type of attacks. That is why today we want to share this interview with Tom Kellermann, Chief Cybersecurity Officer at Carbon Black, and an expert on all types of digital threats.

Friday, March 16, 2018

Who said cyberwar?

In cyberwar the most powerful weapon does not fire, it types. Far from being an eccentricity or the plot of a science fiction film, the cyberwar is increasingly present. Attacks, leaks of information and cyber-espionage begin to be mundane issues that reach the mass media. Is a cyber war approaching? Or is this already happening and we are not realizing it?

Wednesday, March 14, 2018

Prevention is your best attack

It was not until July 3 and 4, 1940, when the British detected the first signs that the invasion of the British Islands was being prepared. Despite making aerial examinations of the area looking for artillery constructions, they did not find anything remarkable, or in case of finding it, they did not find it sufficiently important to take action. It was not until September first that the British people were able to confirm that there were clear signs that the invasion of England was taking place.

History leaves us many lessons to learn, and this leaves us a great lesson: early detection and a good defense strategy can save you a lot of casualties. From CIGTR, we have already talked several times about the risks and cyberattacks that the health sector faces. The latest study named "Impacts of cyber insecurity on healthcare organizations" shows exactly what are these challenges and how companies face them if they do. In this survey, 627 executives in the sector have been interviewed. Do you want an advance? 62% admit to having suffered an attack in the last year. In many of these cases, the losses were translated into patients’ personal data.

Monday, March 12, 2018

Wash you hands

Cholera, hepatitis, rotavirus ... are terms that you're never happy to hear about but, what if we tell you that they can be simply avoided by using easy hygienic habits? As simple as washing hands or washing food before consuming them can prevent a lot of health problems.

In cybersecurity, hygiene is also important, the hygiene of you and your employees "cyber-routines" build a good basis on which to build your security strategy.  This week we want to give voice to Robert Herjavec, investor in ABC'S Shark Tank and founder / CEO of the cybersecurity services company Herjavec Group. From CIGTR, nowadays we want to share their point of view about the current outlook of the cybersecurity industry thanks for this interview conducted by Forbes.

Friday, March 9, 2018

The tailor´s wife is…

We already know how the saying ends, and that´s because this saying, with its respective translations, is known worldwide. What comes to express is that there are people who neglect in their immediate environment precisely what they are professionally engaged. This week we want to leave a couple of "tailors" who have also neglected what precisely was their job.

Wednesday, March 7, 2018

The honest trick

Not long ago Winter Olympics were held and among other things, some athletes who have tested positive for doping substances have come to light. If there is someone who has stood out, and not because of her good results, it is Nadezhda Sergeeva. The Russian athlete who months ago posed with a sweatshirt that said "I don´t to doping" tested positive for trimetazidine. Everyone has their tricks but of course, some are more honest than others.

In the cybersecurity world, sometimes you also need a little push to catch up with the competition. The knowledge gap has a direct impact on the productivity of companies and in this context, automation arises to give a boost to profitability. Indeni and GNS3 have surveyed more than 700 engineering and operations professionals worldwide.

Monday, March 5, 2018

Trust is blind and dangerous

When trust is on the table, the world divides in two. One side of the population will say that as human beings, we are trustful by nature. It’s in our genes as social animals and the necessities of our society. On the other hand, some may say that human beings are distrustful.  

This division will probably be something that will remain in time, but, as we can see in the news, cybersecurity world must be careful. In CIGTR we want to focus on Bill Mann’s, product director in Centrify, interview made by TechRepublic and ZDNet. In this interview, Bill Mann, explains his point of view on how companies should work on a zero trust basis if they want to be protected against cyberattacks. 

Friday, March 2, 2018

Do you feel safe at home?

Insecurities are bad but when you feel them at home they’re the worst. At home is where you should be feeling safer, and you should be doing what you can in order to achieve it. Can you even think about going to sleep leaving the keys in your doormat? Well, in cybersecurity, some people even leave the door open with a giant neon sign begging for people to come in. In this post we will revisit some of this week’s news and we will encourage you to buy a good bolt. 

Wednesday, February 28, 2018

Trust no one

We don’t know if this is a real story, but Trojan horse is one of the best known literary fantasies of all time.  We all have heard about that tale in which hundreds of warriors hide inside a big horse made of wood in order to penetrate the Trojan walls. 

There’s a malicious force that hides behind the cybersecurity of a million of companies and it’s called Business Email Compromise (BEC). Like the Trojan horse, the BEC uses your trust as its biggest weapon and introduces itself into your devices without asking. Agari says that a very few companies are free of this threat. 96% of organizations has been the target of BEC attacks between June and December of 2017. On average, organizations were BEC attacked 45 times along that amount of time. 

Monday, February 26, 2018

Nature and its wisdom

Nature is wise and trees are a clear example of this. Although the roots are the least visible part, they are the anchor that keeps the tree upright and allows it to grow. The diversification of these roots allows adhering to the earth with more force. As in nature, in many cases, companies need to diversify to gain strength and continue to grow.

Today, thanks to Nikkei's interview to Vicent Chong, president of Singapore Technologies Engineering, we know the trajectory and future steps of a company that is a clear example of the power of diversification. In addition to specializing in the robotics and cybersecurity industry, it is beginning to focus on defense, going from focusing on domestic issues to becoming an important international player in the engineering sector.

Friday, February 23, 2018

Deceive yourself

There is nothing worse than deceiving yourself, but in our sector, it seems to be something that happens too often. In CIGTR we celebrate every news in which cybersecurity is taken seriously and is posed as a real problem since this doesn´t happen as often as it should. There are many occasions in which news that brings to light data that is a reality check for anyone who doesn´t want to accept the importance of cybersecurity. Today we do a review to open the eyes of those who don´t want to see it. By the way, you're welcome.

Wednesday, February 21, 2018

The fittest

Survival of the fittest is presented as an alternative to natural selection and comes from the same evolution theory that Charles Darwin exposed. Basically, this idea shows how some individuals have features that are better at adapting to the environment, making them able to reproduce and forming the next generation. The ones that don’t have those features will be more likely to die and their features will disappear.

This also happens in the cybersecurity world, where we always drive in the fast lane and adapting to changes is linked to a company strategy readjustment. The one that can’t adapt, as it happens in Darwin’s theory, will disappear. The public CIOs are also attached to these rules and they already have their 2018 objectives planned. This week we want to put the focus on the results we got from the Gartner’s 2018 CIO Agenda Survey. This study gathered data from 3,160 CIO respondents in 98 countries and across major industries, including 461 government CIOs.

Monday, February 19, 2018

They are more, but less safe

How many IoT devices do you use in your daily routine? A lot of people won’t be able to answer that question as they would be unable to know the meaning of that term, and they’ll think they are not using any. This will change if we would have referred to them as “Connected things”. This makes your mind to instantly enumerate a series of devices, letting you know the importance of day-to-day technology. Dear user, don’t be confused about terms, it would be almost impossible to live without IoT. 

Nowadays, IoT investment is situated around the $1.400 million and it is hoped that gets to $5.1 thousand millions in 2022. This rising in investment will lead to a massive increase in auxiliary IoT industry and the number of devices connected. To understand where this investment is going and what the security threats are, we want to show you an interview to Vaughan Emery, Atonomi CEO, by Digital Journal

Friday, February 16, 2018

Guilty is the one that hides

There’s a universal rule that’s valid everywhere: everyone tries to hide somethin that is not good for themselves. Every power, even if it’s a democratic one, uses this rule for its convenience. Even mass media hides information or, in a lot of cases, they change the truth to avoid conflict or to help the hand that feeds them. In our “cyberworld”, hiding code, information or even armies has become an art. 

Wednesday, February 14, 2018

Like automatization for productivity

We have already lived some industrial revolutions and we can see how the pattern is always the same when replacing a manual way of doing things with an automatic one. As a society we expect this to increase our life quality, even as professionals. On the other hand, we are afraid that this will lead us to a massive job loss or into a situation in which humans are less important in companies. 

This week, HelpNet Security gave us the keys in a survey made by Indeni and GNS3 to more than 700 global engineering workers. Nowadays, companies are suffering a lack of knowledge in programming that could be tagged as one of their biggest risks. This survey shows how this knowledge necessity is having a great impact in the surveyed companies’ productivity and how automatization brings a solution. 

Monday, February 12, 2018

The path of gender equality

June 16th of 1963 was a remarkable year in history because of the role of women in cosmonautics. Tereshkova 26 years old was the “Vostok-6” ship’s pilot and flew off to space being the first woman doing that alone.  There’s still a lot to do in order to get to real gender equality but Tereshkova is a great example on how you can break the glass ceiling riding a spaceship. 

In CIGTR we want to support Infosecurity’s purpose for interviewing, based in the 10 finalists of the “Security Champion” in the “Women for IT” Awards, women to give them a voice in the infosecurity world. This week we want to show you the interview to Elisabetta Zaccaria to Infosecurity Magazine.

Friday, February 9, 2018

Don´t mine me out, let it be

Many know that, according to the version of the historian Herodotus, the first coins arise in Asia Minor about the seventh century BC. At first, its objective was to facilitate the collection of taxes and, over the years, have been extending to the present. What is not so well known is the problem involved in transporting the first coins. From that need arose the tickets, lighter and easier to transport. Things have changed a lot and currently with cryptocurrencies the weight is symbolic and its transport ... well ... ask cryptocurrency mining how little it costs to move them from one place to another.

Wednesday, February 7, 2018

Don´t be afraid ot the cloud

It´s rainy season and it´s easy to dream with the most frightening scenes in films about this atmospheric phenomenon. We have classic films like ‘Twister’ to the modern ‘Geostorm’, going through ‘The Perfect Storm’. Some of them are based on true events, but no one in these films seems to be able to anticipate what’s coming when the clouds darken.  

The cloud is precisely what we want to talk about in the study of the week. For yet another year, the company F5 Networks brings to light the results of their research ‘State of Application Delivery’ which shows the results on how different companies are adapting to the cloud. 

Monday, February 5, 2018

Foreign body

At the time of doing an organ transplant there is a probability of rejection. When this happens the immune system of the recipient detects that this organ isn´t its own and that it´s a stranger, and therefore an attack. To avoid this type of situation, doctors use drugs to inhibit the recipient's immune system.

This week, as you all know, has been a tumultuous one because of two visitors: Meltdown and Specter. For that reason, in CIGTR, we want to bring to light the interviewthat David Dufour, senior director of cybersecurity and engineering at Webroot, has offered to Info-Security Magazine. Dufour calls these two elements of malware "fascinating" and explains how events about these intruders have developed.

Friday, February 2, 2018

To err is human... ¿and not to avoid the error?

“Errare humanum est” is a Latin expression that means “To err is human”. This is what ancient Romans said and they were right. Many things have changed since Roman times but, just as then, man continuous to make mistakes precisely because, he is human. Over time this expression evolved to “To err is human but only idiots persevere in error”. This week, considering the amount of human errors that have been made in the cybersecurity world, it seems that many have stayed in the first version of the expression. 

Wednesday, January 31, 2018

Outside of the stereotypes

Women don´t know how to drive. In Spain, we nap daily. All Irish are redheads. Chinese are all similar physically. There are many stereotypes, some more accurate than others, but certainly include a large part of the population in categories, groups and descriptive adjectives. In the "cyber" world we are not free of stereotypes, computer and security professionals we are usually fit into the group of asocial, introverted, lonely and ... little valued?

We discovered that this is not true thanks to by HackerOne and the study that has been carried out on more than 2000 ethical hackers participating in bounty bug programs in more than 100 countries. When we talk about ethical hackers we refer to those security professionals who use their knowledge to find vulnerabilities and report them to companies so that they can take action. One of the most surprising results that can be drawn from this study is that, on average, ethical hackers who earn more than twice as much as a software engineer in their respective countries of origin.

Monday, January 29, 2018

Changing your daily routines

Diabetes, despite being a silent disease, occurs very frequently among the general population. Once detected and diagnosed, the arduous task of changing and adapting daily routines begins to avoid the effects of this uncomfortable disease. From the diet, to the physical activity or the greater mental control are some of the recommendations that the experts recommend. Once these changes are incorporated, normal life is possible, even with diabetes.

As with this annoying disease, cybersecurity is a factor that must be taken into account in each of the daily routines of the company. Today, thanks to Dann Patterson of TechRepublic, we can know the opinion of Greg Michaelidis, collaborator and former cyber security advisor of Obama. Michaelidis believes that cybersecurity is a human problem and that companies have to communicate better about solutions to cybersecurity problems.

Friday, January 26, 2018

It´s time to strength our immune system

In times of temperature change bacteria reproduce and the increase in bacteria can lead to a greater number of infections. Many doctors are very generous when prescribing antibiotics promoting its use. But many of them don´t know nature has an entire arsenal of plants that can help fight bacteria, even cure some minor infections. Acacia, Echinacea, Eucalyptus, Ginger ... are just some of the many examples that Mother Nature offers us. This week, in the cybersecurity world, we would have liked a small dose of an antibiotic to cure us of "cybernetic infections".

Wednesday, January 24, 2018

When it comes to investing, it's better to think twice

There is a group of investment advisors today that have to be pulling the few hairs that are left in the head. A little more than a decade ago, the founders of Google, made an offer to Excite to sell the service of the search engine in 1 million dollars. George Bell, president of Excite rejected the offer as an excessive price. The founders of Google lowered the price to 750,000 dollars and still George Bell rejected it using the theory that "anyone can program a search engine" ... Today Google is valued at 400,000,000,000 dollars. Moral: at the time of investing, it is better to think twice.

A safe investment in the world cybersecurity is to take a chance on Information Technologies (IT). During the year 2017 the global growth of the IT investment suffered a change with an increase of the 4% that is believed to persist over the next years, for example in 2018 global spending is expected to amount to $3 trillion. Despite this increase in investment, companies don´t forget the negative impact that Brexit, continuous currency fluctuations and a possible global recession can have.

Monday, January 22, 2018

There are no magical formulas

Today we are constantly bombarded by advertising and one of their claims is the sale of miraculous formulas and definitive remedies that will make you look younger, thinner ...and more innocent. The first "remedies" not only included plants whose healing virtues were discovered through a method of success and error, but there were poisons and concoctions that could generate the suffering to a multitude of ailments.

In cybersecurity there are also "innocent" companies that believe in the miraculous formulas that once implemented will make your company invincible in the face of attacks. This week we want to give voice to Michael Warnock, who has recently become Country Manager of Aura Information Security, a subsidiary of the mission-critical technology solutions provider, Kordia. The main objective of Michael lies in the need for companies to change their way of thinking when addressing cybersecurity. Aura Information currently leads the cybersecurity offering in Australia thanks to its partnership with RedShield that integrates the innovative "security at your service" approach.

Friday, January 19, 2018

Working safely

First Industrial Revolution didn´t happen that long ago and by that time the working conditions were dire. Not only wages were miserable, but working hours could easily last 13 hours and in the places workplaces were no ventilation or hygiene. Thanks to the Work-related Accidents Act of 1900 things improved for the workers of the time. Currently the risks are different and you may be suffering in your own company ... or even provoking them.

Wednesday, January 17, 2018

Action... reaction?

The idea on which the third Law of Newton is based, which refers to the basic principles of physics, was already mentioned by Socrates, named as the “Law of cause and effect”. Currently this same idea remains thanks to the Law of Karma, which is an anesthetic for the mind of the most suffered. There is a sense of redemptions and justice that accompanies this belief that defends that every action generates an amount of energy that returns to us with the same force.  

Behind every action there is a reaction and behind almost every cyberattack there is financial motivation. There is a type of attack called ransomware, and for the lucky one who doesn´t know what they are, they suppose an extraction of information for which a ransom is subsequently requested. Ransomware attacks are on the rise and it is already half of the companies worldwide that have experienced it in the last year according to this Radware study.

Monday, January 15, 2018

Chaos in Manhattan

Traffic lights of a large city simultaneously in green, massive chain clashes ... Something more than two years ago, New York could have suffered the takeover of the transit system by a terrorist group, it didn´t happen but it was evident how simple it was to do it. Someone demonstrated the ease with which they could access the traffic automation systems that are being installed these days in the largest cities in the world.

Today at CIGTR we want to give voice to that someone, César Cerrudo, the creator of the chaos in Manhattan that June 3, 2014. Currently CTO of IOActive Labs, famous for his research in ICS / SCADA, Smart Cities, IoT and software security. Currently César could be considered one of the most important professional hackers in the world, and although many still link the term "hacker" with not very clean actions, in reality this term doesn´t allude more than the fact of having extensive knowledge in the network and the programing.

Friday, January 12, 2018

"Humor" festival at the beginning of the year

The best of the week in cybersecurity

If it were not for serious issues, many weeks you could think that cybersecurity is a festival of cheap humor if you look back to see what has been in the news for the last days. Something halfway between a hard joke and a tasteless experience, where you find improbable flaws, things with political sarcasm, patches that create problems where there were none, and European laws that beyond Europe even half of the affected don't know. Fortunately, in the meantime, there are who take things seriously and remind us that the security of our data and our information is something crucial for everyone, every day.

If you have not heard of Meltdown and Spectre in recent weeks, lucky you are in your disconnected paradisiacal island. For all the others, these two have been the scariest names of the digital experience, because they told us that nobody was safe. Except from AMD, where they said since the first hour that their microprocessors were secure, but... party was quickly off for the users and customers of the company. During the weekend, the same Microsoft patch that restored peace of mind to users with Intel devices, left the AMDs frozen at the launching of the operating system.

Wednesday, January 10, 2018

The doctor's disease

In Spain, where this Research Center is based, we are on the rainy season. And we already know that the rainy season it´s time of virus. Viruses and bacteria proliferate in rainy weather due to humidity and heat so, in addition to having to coexist with this uncomfortable, but necessary, atmospheric phenomenon, we have to protect ourselves so as not to catch a virus that spoils the game.

In the world of cybersecurity, bacteria also grow, and they don´t differentiate between doctor and patient. The healthcare sector is suffering and we have to think about a drug to cure it. In the study of the week we bring the results of the research carried out by Cryptonite. During 2017 healthcare has suffered a total of 140 data breach events reported to HHS / OCR as hacking actions, which represent an increase of 23.89% over the 113 hacking attacks reported in 2016.

Monday, January 8, 2018

Your daily routine

Nowadays, we leave our footprints everywhere we go. Every time we pay with credit card, every public transport we take and every minute we’re using social media, we’re setting breadcrumbs that define our way and daily routine. This definition of our routines, apart of being an unwanted social control, this can warn when the routines are broken and something suspicious happens.    

This week we want to talk about Sanjay Aurora, managing director, APAC, for Darktrace and an expert on the benefits of companies’ routines. Sanjay used to work for Oracle, Autonomy and OpenText. His career makes him a specialist on cybersecurity based on AI. We are going to discover the truth of Darktrace’s success in the market and the nature of its technology. 

Friday, January 5, 2018

What are your resolutions?

New year, new purposes. In most cases, these budgets require an expense that will be reduced from another side, so we could say that the reorganization of our budget will be another of our purposes for this year. In companies the same thing happens, when facing a new year the priorities change. From CIGTR, we hope that security is incorporated into your list of priorities (if it´s not already) and we leave you a summary of weekly news that can help you to relocate expenses and investments.

Wednesday, January 3, 2018

Over and out

Good communication is one of the basic pillars in a company and although it seems simple, many times, it´s difficult to achieve. There are studies that claim that a large percentage of business problems are the result of poor communication. Despite the new technologies and the arrival of IoT devices to most companies, as the level of connectivity between the members of the organization increases, the attack surface is also bigger.

According to the latest edition of EY's "Global Information Security Survey," most security leaders feel they are more at risk today than they were 12 months ago. It is estimated that the global cost of cybersecurity infractions will reach 6 trillion dollars in 2021, taking into account this fact it might seem that communication is one of the minor concerns of a company, but many of the current problems in the world of Cybersecurity is due to the stagnation of information in some of the points of the chain of command.